CODE]
2007-03-28,10:40:11
System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)
Windows 2000 Professional Service Pack 4 (Build 2195) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Internat.exe><internat.exe> [(Verified)Microsoft Windows 2000 Publisher]
<ProxyCap><C:\PROGRA~1\PROXYL~1\ProxyCap\ProxyCap.exe> [汉化: tracky(tracky2002@163.com)]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IgfxTray><C:\WINNT\System32\igfxtray.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<HotKeysCmds><C:\WINNT\System32\hkcmd.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<KAVPersonal50><C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize> [N/A]
<IMSCMIG40W><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40W\IMSCMIG.EXE /SetPreload /Log> [Microsoft Corporation]
<kis><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"> [Kaspersky Lab]
<SDJobCheck><triggusr.exe> [N/A]
<Client Access Service><"C:\Program Files\IBM\Client Access\cwbsvstr.exe"> [IBM Corporation]
<Client Access Help Update><"C:\Program Files\IBM\Client Access\cwbinhlp.exe"> [IBM Corporation]
<Client Access Check Version><"C:\Program Files\IBM\Client Access\cwbckver.exe" LOGIN> [N/A]
<Client Access Express Welcome><"C:\Program Files\IBM\Client Access\cwbwlwiz.exe"> [IBM Corporation]
<Synchronization Manager><mobsync.exe /logon> [(Verified)Microsoft Windows 2000 Publisher]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [(Verified)"RealNetworks, Inc."]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><explorer.exe> [(Verified)Microsoft Windows 2000 Publisher]
<Userinit><C:\WINNT\system32\userinit.exe,> [(Verified)Microsoft Windows 2000 Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll> [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
<WinlogonNotify: klogon><C:\WINNT\system32\klogon.dll> [Kaspersky Lab]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINNT\system32\logon.scr> [(Verified)Microsoft Windows 2000 Publisher]
==================================
启动文件夹
N/A
==================================
服务
[Asset Management Agent / AmoAgent][Stopped/Disabled]
<C:\WINNT\UMCSTUB.EXE><Computer Associates International, Inc.>
[卡巴斯基互联网安全套装 6.0 / AVP][Running/Auto Start]
<"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r><Kaspersky Lab>
[Client Access Express 远程命令 / Cwbrxd][Stopped/Disabled]
<C:\WINNT\CWBRXD.EXE><IBM Corporation>
[Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start]
<C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[kavsvc / kavsvc][Stopped/Auto Start]
<C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe><N/A>
[Unicenter Software Delivery / SDService][Stopped/Auto Start]
<"C:\SYSMGT\TNGSD\BIN\SDSERV.EXE"><N/A>
[Portable Media Serial Number Service / WmdmPmSN][Stopped/Auto Start]
<C:\WINNT\System32\svchost.exe -k netsvcs-->C:\WINNT\System32\mspmsnsv.dll><Microsoft Corporation>
==================================
驱动程序
[aeaudio / aeaudio][Running/Manual Start]
<system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[dmboot / dmboot][Stopped/Disabled]
<System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio][Running/Boot Start]
<\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload][Running/Boot Start]
<\SystemRoot\System32\drivers\dmload.sys><VERITAS Software Corp.>
[Intel(R) PRO/1000 Adapter Driver / E1000][Running/Manual Start]
<System32\DRIVERS\e1000nt5.sys><Intel Corporation>
[fz3plus / fz3plus][Stopped/Manual Start]
<\??\C:\WINNT\System32\fz3plus.sys><N/A>
[ialm / ialm][Running/Manual Start]
<System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[kl1 / kl1][Running/Boot Start]
<\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klick / klick][Running/Boot Start]
<\SystemRoot\System32\Drivers\klick.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
<\??\C:\WINNT\system32\drivers\klif.sys><Kaspersky Lab>
[klin / klin][Running/Boot Start]
<\SystemRoot\System32\Drivers\klin.sys><Kaspersky Lab>
[Klmc / Klmc][Running/System Start]
<System32\drivers\klmc.sys><Kaspersky Lab>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
<system32\drivers\npf.sys><NetGroup - Politecnico di Torino>
[npkcrypt / npkcrypt][Running/Auto Start]
<\??\D:\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[OMCI / OMCI][Running/System Start]
<\SystemRoot\SYSTEM32\DRIVERS\OMCI.SYS><Dell Computer Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\PxHelp20.sys><Sonic Solutions>
[SecDrv / SecDrv][Running/Auto Start]
<\??\C:\WINNT\system32\drivers\SECDRV.SYS><N/A>
[smwdm / smwdm][Running/Manual Start]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[SAMSUNG Mobile USB Device 1.0 driver (WDM) / ss_bus][Stopped/Manual Start]
<system32\DRIVERS\ss_bus.sys><MCCI>
[SAMSUNG Mobile USB Modem 1.0 Filter / ss_mdfl][Stopped/Manual Start]
<system32\DRIVERS\ss_mdfl.sys><MCCI>
[SAMSUNG Mobile USB Modem 1.0 Drivers / ss_mdm][Stopped/Manual Start]
<system32\DRIVERS\ss_mdm.sys><MCCI>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<System32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
[XScanPF / XScanPF][Stopped/Manual Start]
<\??\C:\Documents and Settings\qiancheng.APCARRIER\桌面\11633811591005\X-Scan-v3.3\dat\xpf.sys><N/A>
[Intel(R) Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}][Running/Manual Start]
<system32\drivers\ialmsbw.sys><Intel Corporation>
[Intel(R) Graphics Chipset (KCH) Driver / {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}][Running/Manual Start]
<system32\drivers\ialmkchw.sys><Intel Corporation>
==================================
浏览器加载项
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[Web反病毒保护]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll, Kaspersky Lab>
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[&Google Search]
<res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html, N/A>
[Backward &Links]
<res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html, N/A>
[Cac&hed Snapshot of Page]
<res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html, N/A>
[Si&milar Pages]
<res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html, N/A>
==================================
正在运行的进程
N/A
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINNT\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================
[/CODE]